404 lockout being caused by stong-password JavaScript

  • I’m seeing users being locked out of the WordPress admin pages because there is a 404 error caused by the iThemes “Strong-Password” JavaScript, according to the logs.

    The URL in the logs show that the network path is being appended to relative URL path.

    Ex. /wp-content/plugins/better-wp-security/D:/inetpub/wwwroot/mySite/wp-content/plugins/better-wp-security/core/modules/strong-passwords/js/script.js

    After the threshold has been hit, users are being added to the ban list.

    How can I resolve this issue?

    Thanks.

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 4 replies - 1 through 4 (of 4 total)
  • caseyctg

    (@caseyctg)

    I had the same issue. I ended up white listing that particular url because of it. I wish they would fix the cause, but I think its only happening on a particular server version..

    Yes, I’m getting the same thing.

    This is not fixed yet?

    On my windows server I get the same error. This is the fix. It should also work on linux servers.

    In file /better-wp-security/core/lib.php in line 408 (function get_module_path())

    old:

    $path = str_replace( ITSEC_Core::get_plugin_dir(), '', dirname( $file ) );

    new:

    $path = str_replace( str_replace( '\\', '/',ITSEC_Core::get_plugin_dir()), '', str_replace( '\\', '/',dirname( $file )) );

    Would be awsome if this gets a fix (after years of pulling the bug through the versions)

    • This reply was modified 7 years, 4 months ago by chrizz1001.
Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘404 lockout being caused by stong-password JavaScript’ is closed to new replies.